By porting Flash Player to PPAPI, Google's engineers were able to stuff the Adobe plug-in into a "sandbox" as robust as the one that protects Chrome itself.

"Windows Flash is now inside a sandbox that's as strong as Chrome's native sandbox, and dramatically more robust than anything else available," Justin Schuh, a Chrome engineer, in a post to the Chromium blog Wednesday.

A sandbox is an anti-exploit technology that isolates processes on the computer, preventing or at least hindering malware from letting hackers exploit an unpatched vulnerability, escalate privileges and push their attack code onto the machine.

Previously Chrome's Flash sandbox was only available on Windows Vista and Windows 7, but with Chrome 21 and the move to PPAPI, Google was able to extend coverage to Windows XP.

"[That's] critical given the absence of OS support for security features like ASLR and integrity levels [in Windows XP]," Schuh said.

Schuh claimed that Chrome is run by about 100 million Windows XP users.

According to Web analytics company Net Applications, Windows XP powered 46.6 percent of all Windows PCs that went online in July, a slightly larger share than the quickly-gaining Windows 7.

The port of Flash to PPAPI will reduce Flash crashes by 20 percent, and prepares Chrome for its debut on Windows 8, the upgrade Microsoft plans to start selling Oct. 26.

"Because PPAPI doesn't let the OS bleed through, it's the only way to use all Flash features on any site in Windows 8 Metro mode," Schuh wrote, referring to the tile-based environment that, along with a traditional desktop, comprises Windows 8.